So I’m having some internet issues today and I have to go into an account to troubleshoot. But can I remember the password? Of course not. Chrome currently remembers a lot of them for me but if I didn’t set it up it (Mrs. L did), that data won’t be in my cloud. Besides, I’m starting to feel gicky about Google.
Like most people today, I have lots of passwords to remember. One strategy is to make them memorable. But I cringe every time I see nostalgic posts on Facebook where you’re supposed to copy and change answers. Favorite candy bar? First place you worked? Pet’s name? Hmm, who’s collecting those answers and programming a computer to try every permutation of them in your account?
Actually we had a training that said we probably don’t make good passwords anyway—they should be phrases, not words, mixed cases, numbers and symbols. If you use the same password on everything, then if hackers get one they get access to them all, so you better mix it up. And change them regularly. Hmm. With some accounts, if you don’t access them but once in a blue moon, how will you remember? I guess you can write them in a book somewhere but….
I heard there are apps/programs that will manage this for you. Tell them your current passwords and when you log in, they’ll change them. This will spit out things like aAXxdSeeR#_Tdr! (probably longer, but nigh impossible to guess). And it will keep changing them.
Are any of you using this? My questions…
How do different devices “know?” 1) If I use my work computer, how does it know that my home computer changed the password to my work email account? 2) Suppose I’m on my home computer and I have a satellite TV account that I access: how does my wife’s device learn the new password? 3) How selective can you be? For instance, there’s the “need to know” basis. We each have work accounts with sensitive information that the other shouldn’t access. But also, I don’t want to pry into her emails with her sister and I’m sure she respects my private space as well. So…how does that work?
It seems to me that you could probably download the app on several devices and those devices would communicate with each other about any changes that have occurred. But that brush seems too broad, and I’m not sure what else I haven’t anticipated.
I’m not clear on whether you want a password manager or simply an app that suggests new passwords, but LastPass does both. It supports (optionally) sharing among family members, from the full list to just a subset.
I’ve been using it for quite a few years, and couldn’t function without it.
If I understand your question, you are asking about syncing. If you use a password manager to auto-fill your passwords, any device that uses that manager and has it automatically synced will get all updates automagically.
If you want different people to have private passwords, they need to use different logins to separate databases.
I tend to use my laptop instead of my phone. Program, app—I imagined something where maybe I start it and I have one password—mYdOgHaSfLeAs#23skidoo—and now I’m in. Then I click my email account and it goes there and logs me in with the most recent password (I’m supposing the program changes it every single time I access it). I don’t want it to suggest a password that I then have to type in.
OK so it’s like Chrome—it stores its passwords in the cloud, edits it each time it’s used. Anybody accessing that account has the needed passwords.
I guess we could have multiple accounts. My personal, my professional, her personal, her professional, our personal. Each would have three. Hmm.
Agree with Raza - Lastpass is amazingly simple, has a plugin that works in Chrome (and presumably plugins for other browsers) as well as a phone app. You have a master password to log into LastPass, and that gives you access to all your other passwords. It will automatically generate passwords for you for new sites, or you can enter your own and it will remember it for you. It also will automatically complete the appropriate log-in fields. For instance, when I go to my bank’s website, it will automatically fill in my username and my password and I just have to click the “Log in” button. I don’t have to type anything.
It doesn’t change passwords each time a password is used - I don’t think that’s necessary nor do I think there are apps that do that - typically the process for changing a password on a website has multiple steps, verification, etc.
And, according to Raza, it supports multiple accounts (I don’t use that functionality.)
Agree with Raza - Lastpass is amazingly simple, has a plugin that works in Chrome (and presumably plugins for other browsers) as well as a phone app. You have a master password to log into LastPass, and that gives you access to all your other passwords. It will automatically generate passwords for you for new sites, or you can enter your own and it will remember it for you. It also will automatically complete the appropriate log-in fields. For instance, when I go to my bank’s website, it will automatically fill in my username and my password and I just have to click the “Log in” button. I don’t have to type anything.
It doesn’t change passwords each time a password is used - I don’t think that’s necessary nor do I think there are apps that do that - typically the process for changing a password on a website has multiple steps, verification, etc.
And, according to Raza, it supports multiple accounts (I don’t use that functionality.)
I use LastPass. Aside from on your computer, you can either log in on another browser, or on your phone you can use an app to either autofill passwords (with appropriate permissions) or copy-paste. Theoretically, all you’d need to remember is your LastPass password (remember, long, but hard to predict English passwords are easy to remember and strong, like GreenWalrusBullrush are superior to short nonsense like Xk1@5). And also your recovery email password. The browser plugin also asks you if you want to update the database with password changes and new passwords. Firefox and Chrome work equally well.
As it happens, Consumer Reports just did a review of 10 password managers. Their top recommendation is 1Password but it costs $60/year. Their highest rated free app is Bitwarden.
I manage my passwords with a google spreadsheet. May be a bit kludgy compared to an app but it is free and as long as I’m willing to change passwords manually it works quite well. Plus when I get the “Your password is 3Edf&!47cXZa#nRwIo). I hacked your webcam and made you [sic] masterbation video to send 20 random people in your email contact list. Send bitcoin.” I can look it up on my sheet and find out what website didn’t secure my password.
Not necessarily (another) plug for LastPass, but a feature any major password manager should have: a multi-use password report. This run-on-demand report shows which sites where you use the same password; I had no idea I was using certain passwords on literally a dozen sites or more.
IME, re-using a password on multiple sites is one of the major reasons accounts get hacked. It prompted me to clean up my act (and made that process a bit easier).
Another vote for Firefox and its password manager, Lockwise. I installed it on all my devices (two PCs and two iPhones), it syncs across all devices, and I have all my passwords at hand on all of them.
Of course, this convenience comes at a price. My business phone (one of the two iPhones on which I was logged in with my Firefox/Lockwise account) was stolen the other day. I had to rush home, change the master password for the password manager, and manually change all log-in credentials on all websites that were stored in it. Took me a while to do that.
I’ve started using LastPass recently. It coordinates across different OS and browsers. I can also use in on my phone and tablet, in addition to computers.
I have it set up with fingerprint authentication, with a written password as backup.
This “system” is marginally useful if you have a single device. Once you have multiple devices (I have 4 computers and 2 portable devices), it’s pretty unworkable. And, it doesn’t give you the ability to auto-fill, or generate a strong password.
Not recommend.
Yet one more thing about LastPass (and probably others): if you insist, you CAN download/print your complete list of URLs, usernames, and passwords for storage in a safe or wherever. It needn’t be either/or. In LastPass it is More Options/Advanced/Export.
Strongly agree. Plus, unless you are encrypting the file you are putting yourself at risk for malware harvesting the file. It being in an obscure location doesn’t matter, as it’s trivial to do something like search for files that contain many strings that look like email addresses or web addresses and capture it on the assumption that it contains passwords.